panoptimon 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 2ec4c546129725a6c662ae42fab05ac37d2ef7d5
+  data.tar.gz: 3c52bd2b259bf5d5b43b168d6c0b078b29169681
+SHA512:
+  metadata.gz: 0baa25a867349f8702542e9232e7e7478074cb918c901033a5de65ae0b310e2cfeee7e164f4666faa6ae1b4a9abca1735d5a17f7fa27e7b4e4b4294655002652
+  data.tar.gz: 332e77a896f7291841125ff938d4f80004f91c164e704027cc327c3ae9113e6534d5a3da809d77f630c7a31c41b628a0d3d172aaedc86951ed5704fe61374ed9

data/.gitignore

@@ -0,0 +1,24 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+/notes.txt
+/metrics.log
+/panoptimon.output
+
+# for all your experimental needs e.g. symlinks of configs
+/x/
+.vagrant

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in panoptimon.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,29 @@
+Copyright (C) 2012 Sourcefire, Inc.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+  * Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+
+  * Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in the
+    documentation and/or other materials provided with the distribution.
+
+  * Neither the name of *Sourcefire, Inc.* nor the names of its
+    contributors may be used to endorse or promote products derived from
+    this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md

@@ -0,0 +1,78 @@
+# Panoptimon
+
+The All-Seeing System Monitor Daemon
+
+## Installation
+
+    $ gem install panoptimon
+
+## Usage
+
+The `--config-dir` option will automatically set paths to configuration
+file, collectors, and plugins (and can be referred to as '%' as shown
+below.)
+
+    $ panoptimon --help
+    Usage: panoptimon [options]
+      -C, --config-dir DIR             Config directory (/etc/panoptimon/)
+      -c, --config-file FILENAME       Alternative configuration file 
+                                       (%/panoptimon.json)
+      -D, --[no-]foreground            Don't daemonize (false)
+          --collectors-dir DIR         Collectors directory (%/collectors)
+          --plugins-dir DIR            Plugins directory (%/plugins)
+          --list-collectors            list all collectors found
+          --list-plugins               list all plugins found
+      -o, --configure X=Y              Set configuration values
+          --show WHAT                  Show/validate settings for:
+                                         'config' / collector:foo / plugin:foo
+          --plugin-test FILE           Load and test plugin(s).
+      -d, --debug                      Enable debugging.
+          --verbose                    Enable verbose output
+      -v, --version                    Print version
+          --help-defaults              Show default config values
+      -h, --help                       Show this message
+
+See [the wiki](https://github.com/synthesist/panoptimon/wiki) for more
+info.
+
+## Copyright and License
+
+This software is released under the following (BSD 3-clause) license:
+
+Copyright (C) 2012 Sourcefire, Inc.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+  * Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+
+  * Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in the
+    documentation and/or other materials provided with the distribution.
+
+  * Neither the name of *Sourcefire, Inc.* nor the names of its
+    contributors may be used to endorse or promote products derived from
+    this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,14 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new do |t|
+  t.pattern = "./spec/**/*_spec.rb" # don't need this, it's default.
+  # Put spec opts in a file named .rspec in root
+end
+

data/bin/panoptimon

@@ -0,0 +1,118 @@
+#!/usr/bin/env ruby
+
+# Panoptimon - The All-Seeing System Monitor Daemon
+
+# Copyright (C) 2012 Sourcefire, Inc.
+
+require 'panoptimon'
+
+require 'json'
+require 'pathname'
+
+require 'rubygems'
+require 'daemons'
+require 'eventmachine'
+
+opts = Panoptimon.load_options(ARGV) or exit
+
+monitor = Panoptimon::Monitor.new(config: opts)
+monitor.logger.level = ::Logger::DEBUG if opts.debug
+
+if opts.show then opts.show.each {|show, what|
+
+  getconf = ->(type, name) {
+    file = monitor.send("find_#{type}s").find {|f|
+      f.basename.to_s == "#{name}.json"}
+    {file => monitor.send("_load_#{type}_config", file)}
+  }
+
+  puts JSON.pretty_generate(
+    case show 
+      when :config;    {config: opts.marshal_dump}
+      when :collector; getconf.call(show, what)
+      when :plugin;    getconf.call(show,what)
+      when %r{/}
+        p = Pathname.new(show.to_s)
+        raise "no such file '#{p}'" unless p.exist?
+        {p => monitor.send(
+          "_load_#{p.dirname.basename.to_s.sub(/s$/,'')}_config", p)}
+      else raise "--show '#{show}' argument invalid"
+    end
+  ).sub(/^{\n  /, '').sub(/\n}$/,'').gsub(/\n  /, "\n")
+  exit
+}; end
+
+# XXX needs a real test
+puts "config: ", JSON.pretty_generate(opts.marshal_dump) if opts.debug
+
+if opts.lists
+
+  opts.lists.uniq.sort.each { |list|
+    does = {
+      collectors: ->() { monitor.find_collectors },
+      plugins:    ->() { monitor.find_plugins },
+    }
+    puts does[list].call.tap {|x| x.push('(none)') unless x.length > 0}.
+      unshift("#{list}:").join("\n  ");
+  }
+
+  exit
+end
+
+if opts.plugin_test
+
+  opts.plugin_test.each do |p|
+    monitor._init_plugin(monitor._load_plugin_config(Pathname.new(p)))
+  end
+
+  module MetricReader
+    def initialize (monitor)
+      @monitor = monitor
+    end
+
+    def notify_readable
+      line = @io.readline
+      begin
+        data = JSON.parse(line)
+      rescue
+        $stderr.puts "error parsing #{line.dump} - #{$!}"
+      end
+      EM.next_tick {
+        @monitor.bus_driver(Panoptimon::Metric.new(:input, data))
+      }
+    rescue EOFError
+      detach
+      EM.stop
+    end
+  end
+
+  $stderr.puts "Enter JSON metrics or type Ctrl-D to exit." if
+    $stdin.tty?
+
+  EM.run {
+    monitor.run
+    EM.watch($stdin, MetricReader, monitor).notify_readable = true
+  }
+
+  exit
+end
+
+########################################################################
+if opts.daemonize
+  # TODO could possibly use webrick::daemon.start or process.daemon,
+  # but this has support for redirecting io to logfiles... worth it?
+  Daemons.daemonize(
+    app_name: Pathname.new($0).basename.to_s,
+    log_output: true)
+end
+
+# TODO maybe split config loading / init across daemonize for better
+# startup diagnostics about config errors
+monitor.load_plugins
+monitor.load_collectors
+
+EM.run {
+  monitor.run
+}
+
+# vim:ts=2:sw=2:et:sta

data/collectors/cpu/cpu

@@ -0,0 +1,39 @@
+#!/usr/bin/env ruby
+
+$stdout.sync = true # persistent process
+
+require 'json'
+opt = ARGV[0] ? JSON::parse(ARGV[0]) : {'interval' => 1}
+
+p = IO.popen([*%w{vmstat -n }, opt['interval'].to_s], 'r')
+p.readline # scrap
+optional = {stolen: 'st'}
+want = {user: 'us', system: 'sy', idle: 'id', wait: 'wa'}.
+  merge(optional)
+
+# index the header
+head = p.readline.chomp.sub(/^\s+/, '').split(/\s+/)
+head = Hash[*head.zip(0..(head.length-1)).flatten]
+
+outs = {}; want.each {|k,v|
+  if head.include?(v)
+    outs[k] = head[v]
+  else
+    raise "missing key '#{v}' (#{k}) - expected in header" \
+      unless optional.include?(k)
+  end
+}
+
+# discard first (unprimed) output
+p.readline; puts '{}'
+
+while l = p.readline.sub(/^\s+/, '')
+  if l =~ /\d+\s+\d/
+    l = l.split(/\s+/)
+    puts JSON::generate(
+      Hash[*outs.keys.map {|k| [k, l[outs[k]]]}.flatten]
+    )
+  else
+    puts '{}'
+  end
+end

data/collectors/cpu/cpu.json

@@ -0,0 +1 @@
+{"interval" : 3}

data/collectors/disk/disk

@@ -0,0 +1,37 @@
+#!/usr/bin/env ruby
+
+require 'json'
+require 'rubygems'
+require 'sys/filesystem'
+
+config = JSON::parse(ARGV[0])
+
+$stdout.sync = true
+
+def GB b; (b.to_f / 1024**3).round(6); end # GB significant down to 4kB
+
+while(true) do
+  info =
+    Sys::Filesystem.mounts.
+    # map {|m| $stderr.puts m.name; m}.
+    find_all{|m| not(m.name =~ /^(devpts|udev|sysfs|tmpfs|none|proc)$/)}.
+    map {|m|
+      s = Sys::Filesystem.stat(m.mount_point)
+      # $stderr.puts "#{m.name} - #{s.inspect}"
+      [m.name, {
+        # block_size: s.block_size,
+        # blocks: s.blocks,
+        # blocks_available: s.blocks_available,
+        space_used: GB((s.blocks - s.blocks_free) * s.block_size),
+        space_free: GB(s.blocks_available         * s.block_size),
+        space_priv: GB((s.blocks_free - s.blocks_available) * s.block_size),
+        files_used: s.files - s.files_available,
+        files_free: s.files_available,
+        # files_priv: s.files_free - s.files_available, # XXX any use?
+      }]
+    }
+  puts JSON::generate(Hash[*info.flatten])
+
+  break unless config.include?('interval')
+  sleep config['interval']
+end

data/collectors/disk/disk.json

@@ -0,0 +1 @@
+{"interval" : 1}

data/collectors/disk/requires

@@ -0,0 +1 @@
+gem/sys-filesystem

data/collectors/disk_free/disk_free

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+
+require 'json'
+
+df_cmd = 'df -kP' # or without -P on non-gnu...
+info = %x{#{df_cmd}}.split(/\n/).drop(1).
+  map{|l| l.split(/\s+/).values_at(0,2,3,5)} # fs, used, free, mount
+  .find_all{|x| not(x[0] =~ /^(udev|tmpfs|none)$/)}
+
+out = {}
+info.each {|x| out[x[0]] = {
+  used: (x[1].to_f / 1024**2).round(6), # GB significant down to 4kB
+  free: (x[2].to_f / 1024**2).round(6),
+}}
+puts JSON::generate(out)

data/collectors/disk_free/disk_free.json

@@ -0,0 +1 @@
+{}

data/collectors/dns/README.md

@@ -0,0 +1,33 @@
+# Config
+
+The 'hosts' section is a hash of hostnames and record types to be
+queried.  Valid types include 'a', 'mx', 'ns', 'ptr', 'txt', 'cname',
+and 'any'.  Query result types may vary from the request.
+
+```json
+
+{
+  "hosts" : {
+    "example.com" : ["a", "mx", "ns"],
+    "www.example.com" : ["cname"],
+  },
+  "nameservers" : [null, "ns.example.com"]
+}
+```
+
+# Results
+
+The results will include a count (`n`) and _info.records for each.
+
+```json
+{
+   "dns|ns.example.com|www.example.com|cname|n" : 1,
+   "dns|default|www.example.com|cname|n" : 1,
+   "dns|ns.example.com|www.example.com|cname|_info" : {
+      "records" : [ "see-also.example.com.  ]
+   },
+   "dns|default|www.example.com|cname|_info" : {
+      "records" : [ "see-also.example.com.  ]
+   }
+}
+```

data/collectors/dns/dns

@@ -0,0 +1,9 @@
+#! /usr/bin/env ruby
+
+$LOAD_PATH.unshift(File.expand_path(File.join(File.dirname(__FILE__), 'lib')))
+require 'rubygems'
+require 'json'
+require 'panoptimon-collector-dns'
+
+client = Panoptimon::Collector::DNS.new(JSON.parse(ARGV[0], {symbolize_names: true}))
+puts client.query.to_json

data/collectors/dns/dns.json

@@ -0,0 +1,7 @@
+{
+  "hosts" : {
+    "sourcefire.com"             : ["a", "mx"],
+    "www.sourcefire.com"         : ["cname"],
+    "console.amp.sourcefire.com" : ["cname"]
+  }
+}

data/collectors/dns/lib/panoptimon-collector-dns/dns.rb

@@ -0,0 +1,43 @@
+class Array; def to_h; Hash[self]; end; end
+module Panoptimon
+  module Collector
+    class DNS
+
+      attr_accessor :options
+
+      def initialize(options={})
+        @options = options
+      end
+
+      # types: a, mx, ns, ptr, txt, cname, any
+
+      def query
+        hosts = @options[:hosts]
+        nslist = @options[:nameservers] || [nil]
+        nslist.map {|ns|
+          dns = ::Net::DNS::Resolver.new(
+            ns ? {nameservers: ns} : {})
+          [ns || 'default', hosts.map {|name,types|
+            # TODO allow aliased name for output?
+            # e.g. types.class == Hash ? ...
+            # collect results by type regardless of query
+            typed = Hash.new { |h,k|
+              h[k] = {n: 0, _info: {records: []}} }
+            types.each {|t|
+              dns.search(name.to_s, Net::DNS.const_get(t.upcase)).
+              answer.each { |rec|
+                stash = typed[rec.type.downcase]
+                stash[:n] += 1
+                stash[:_info][:records].push(rec.value)
+              }
+            }
+            [name, typed]
+          }.to_h]
+        }.to_h
+      end
+
+    end
+  end
+end
+
+

data/collectors/dns/lib/panoptimon-collector-dns.rb

@@ -0,0 +1,2 @@
+require 'net/dns'
+require 'panoptimon-collector-dns/dns'

data/collectors/dns/panoptimon-collector-dns.gemspec

@@ -0,0 +1,4 @@
+Gem::Specification.new { |s|
+
+  s.add_dependency 'net-dns'
+}

data/collectors/files/README.md

@@ -0,0 +1,32 @@
+```json
+
+{
+  "paths" : {
+    "/tmp" : {},                // implicit name+path, just count everything + report
+    "/tmp swapfiles" : {        // names must be unique
+      "path" : "/tmp",          // explicit path
+      "match" : "^\\..*\.swp$", // regular expression match
+      "atime" : {"min": 1354051358}, // in absolute epoch seconds
+      // also max, (and relative time using -min/-max)
+      // also for: mtime, ctime, size (only absolute min/max)
+      //
+      // uid/gid : [35, 47], or by excluding: ["not", 0, 42]
+      //
+      // mode: "0[67][45]0" // a right-anchored regexp
+      // mode: "& 0111"     // octal bitmask
+    },
+    "/opt" : {"no_list" : true},    // will skip stat() on contents
+    "/bin" : {"no_list" : true,     // will only return the count,
+      "mtime" : {"-min" : 600}},    // but stat is needed for the check
+    "/vmlinuz" : {
+      "path"   : "/",
+      "only"   : ["vmlinuz"],       // explicit list / skip readdir()
+      "filter" : ["symlink"],       // must be a symlink
+      "mtime"  : {"-min" : 3600},   // relative to Time.now
+    },
+    "/bin symlinks" : {"path" : "/bin/", "filter" : ["symlink"]},
+    "/usr/bin swapfiles" : {"path" : "/usr/bin/", "glob" : ".*.swp"}
+  }
+}
+
+```

data/collectors/files/files

@@ -0,0 +1,129 @@
+#!/usr/bin/env ruby
+
+require 'json'
+require 'pathname'
+
+# given a list of attributes
+# returns a function which expects a file or stat object and will answer
+# true if all of the attributes are true about that object
+def filters (list)
+  ok = %w{blockdev chardev directory file pipe setgid setuid socket sticky
+    symlink world_readable world_writable zero}
+  ok = ok + ok.map {|i| '!'+i}
+  not_ok = list - ok
+  raise "unsupported: '#{not_ok}'" if not_ok.length > 0
+  list.map! {|i| i = i+'?';
+    i.sub!(/^!/, '') ? ->(f) {not(f.send(i))} : ->(f){f.send(i)}
+  }
+  return ->(f) { return list.all? {|t| t.call(f)} ? true : false }
+end
+
+class Code < Proc
+  attr_accessor :source
+  def self.new (*args, src)
+    src = '->(' + args.join(',') + ') {' + src + '}'
+    block = eval(src)
+    super(&block).tap {|x| x.source = src}
+  end
+end
+
+def minmax (prop, c) # c is hash of min|-min / max|-max
+  unrel = ->(k) {
+    relk = '-'.+(k.to_s).to_sym
+    c[k] ? c[k].to_i :
+      c[relk] ?  "Time.now.to_i - " + c[relk].to_i.to_s
+      : nil
+  }
+  checks = {min: '>=', max: '<='}.map {|k,v|
+    (abs = unrel[k]) ? ["#{v} #{abs}"] : []
+  }.flatten
+  Code.new(:s,
+    checks.length > 1 ?
+      "v = s.send('#{prop}').to_i; " +
+        checks.map {|cmp| 'v ' + cmp}.join(' && ')
+    : "s.send('#{prop}').to_i " + checks[0]
+  )
+end
+
+# should prep the report per key (so it can be prepped once, stored and
+# re-run in persistent mode)
+def report (key, c)
+  path = Pathname.new(c[:path] || key.to_s)
+
+  sf = [] # list of checks which must all return true per stat
+  sf.push(filters(c[:filters])) if c[:filters]
+  sf.push(->(p) {
+    p.sub!(/^& 0/, '') ?
+      ->(){p = p.to_i(8);
+        ->(s) { s.mode & 0777 & p > 0 }}[]
+    : ->(){p = /#{p}$/
+        ->(s) { sprintf("%04o", s.mode & 0777) =~ p }}[]
+  }.call(c[:mode])) if c[:mode]
+  [:atime, :mtime, :ctime].find_all {|k| c[k]}.each {|k|
+    sf.push(minmax(k, c[k]))
+  }
+  [:size].find_all {|k| c[k]}.each {|k|
+    raise "relative values are nonsensical for #{k}" if
+      c[k][:'-min'] or c[k][:'-max']
+    sf.push(minmax(k, c[k]))
+  }
+  [:uid, :gid].find_all {|k| c[k]}.each {|k|
+    l = c[k].kind_of?(Array) ? c[k] : [c[k]]
+    neg = l[0] == 'not' ? l.shift : nil
+    l = Hash[l.map {|i| [i.to_i, true]}]
+    sf.push(
+      neg ? ->(s) {not l.include?(s.send(k))}
+          : ->(s) {l.include?(s.send(k))}
+    )
+  }
+
+
+  no_stat = c[:no_list] && sf.length == 0 # OPTIMIZATION
+
+  nf = [] # list of checks which must all return true per name
+  if c[:skip]
+    nf.push(->(list){
+      skips = Hash[list.map {|n| [n,true]}]
+      return ->(f) { skips[f.to_s] ? false : true }
+    }.call(c[:skip]))
+    warn "'skip' and 'only' options nonsensical" if c[:only]
+  end
+
+
+  # TODO I think lstat is the way to go - assumes you want to know about
+  # symlinks more than their targets (make it an option?)
+
+  files = Hash[
+  c[:only] ?
+    c[:only].map {|f| [f, begin; path.+(f).lstat; rescue; nil; end]} :
+  ->(got) { no_stat ?
+      got.map {|f| [f.to_s, nil]}
+    : got.map {|f| [f.to_s, path.+(f).lstat]}
+  }.call(
+    c[:glob] ?
+      Pathname.glob(path + c[:glob]).map {|n| n.relative_path_from(path)} :
+    c[:match] ?
+      path.children(false).find_all {|x| x.to_s =~ /#{c[:match]}/o}
+    : path.children(false)
+  )]
+  files.keep_if {|f,s| nf.all? {|c| c.call(f)} } if nf.length > 0
+  files.keep_if {|f,s| sf.all? {|c| c.call(s)} } if sf.length > 0
+
+  res = {count: files.keys.length}
+  return res if c[:no_list]
+  files.length == 0 ?  res : res.merge('' => Hash[files.map {|k,v|
+    [k,v ? Hash[
+      %w{dev ino mode nlink uid gid rdev size blksize blocks}
+      .map {|n| [n,v.send(n)]} +
+      %w{atime mtime ctime}.map {|n| [n,v.send(n).to_i]}] : nil]
+  }])
+  # TODO _info => {symlinks => {filename => readlink, ...}
+end
+
+def run (opt)
+  p = opt[:paths] or raise "'paths' argument required!"
+
+  puts JSON.generate(Hash[p.map {|k,v| [k, report(k,v)]}])
+end
+
+run(JSON::parse(ARGV[0], {symbolize_names: true})) if __FILE__ == $0

data/collectors/files/files.json

@@ -0,0 +1,14 @@
+{
+  "description" : "count / stat some files",
+  "paths" : {
+    "/ writable dirs" : {"path" : "/",
+      "only" : ["bin", "boot", "dev", "etc", "home", "lib", "usr"],
+      "skip" : ["tmp"],
+      "filters" : ["directory", "world_writable"]}
+  },
+  "-examples" : [
+    {"/some/dir/" : {}},
+    {"/some/dir/" : {"match" : "^\\..*\\.swp$"},
+    "1+/some/dir" : {"path" : "/some/dir", "glob" : ".*.swp"}}
+  ]
+}